<html>
    <?php
    session_start();
    ob_start();
    //the action of the submit button is to vall the id_viewer function
    if (isset($_POST['submit'])) {
        id_viewer($_POST['confirm_password'], $_POST['password']);
    }

    //this function takes the id of the user from URL and takes the password to add this user as a reviewer of a certain conference
    Function id_viewer($password, $confirmpassword) {
        $con = mysql_connect("localhost", "root", "");
        if (!$con) {

            die('Could not connect:' . mysql_error());
        }
        mysql_select_db("mydb", $con);

        // check whether the password or the confirmation of the password is empty
        if ($_POST['confirm_password'] == null || $_POST['password'] == null) {
            echo 'Please fill the required fields';
        } else {
            //take the id of the user from the URL
            $temp_id = $_GET['id'];
            //Get the user email from the from the id provided in URL
            $emailtemp = mysql_query("SELECT request_email FROM request_on_subscribe WHERE temp_id = '$temp_id'")
                    or die(mysql_error());
            While ($row = mysql_fetch_assoc($emailtemp)) {
                $email = $row['request_email'];
            }
            //pass this email to the other pages
            $_SESSION ['email'] = $email;
            //check that both passwords are equal to each other
            IF ($password == $confirmpassword) {
                //Inserting the user into table member
                mysql_query("INSERT INTO member(email, password)
                  VALUES ('$email','$password')")
                        or die(mysql_error());
                //Get the member id from table member
                $temp_member_id = mysql_query("Select member_id
                                        from member
                                        where email = '$email'")
                        or die(mysql_error());

                While ($row = mysql_fetch_assoc($temp_member_id)) {
                    $member_id = $row['member_id'];
                }
                //Get the conference id from table request_on_member
                $temp_conference_id = mysql_query("Select conference_id
                                           from request_on_subscribe
                                           where request_email = '$email'")
                        or die(mysql_error());

                While ($row = mysql_fetch_assoc($temp_conference_id)) {
                    $conference_id = $row['conference_id'];
                }


                //Get the reviewer id
                $privileges_id_reviewer = mysql_query("SELECT privileges_id from privileges where role = 'reviewer'")
                        or die(mysql_error());
                While ($row = mysql_fetch_assoc($privileges_id_reviewer)) {
                    $privileges_id = $row['privileges_id'];
                }
                //insert into previllages table
                mysql_query("INSERT INTO Member_Privileges(member_id, privileges_id, conference_id)
                  VALUES ('$member_id','$privileges_id','$conference_id')")
                        or die(mysql_error());
                //delete the request from the table
                mysql_query("DELETE FROM Request_On_Subscribe where temp_id = '$temp_id'") or die(mysql_error());


                Header("Location:main.php?new=1");
            }
            //if password and confirm the password are not the same
            else {
                echo 'Please Re-enter the password';
            }
        }

        mysql_close($con);
    }

    ob_end_flush();
    ?>
    <head>
        <meta http-equiv="X-UA-Compatible" content="IE=9" />
        <link href="style3.css" rel="stylesheet" type="text/css" />
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body onload ="timeMsg() ">

        <h1 style="font-family:arial; text-align:center">Quick Sign UP</h1>
        <form method="post" Action ="Non_subscribed_signup.php<?php
    if (isset($_GET['id'])) {
        echo '?id=' . $_GET['id'];
    }
    ?>">

            <table>
                <tr>
                    <td>
                        Password:
                    </td>
                    <td>
                        <input type ="password" name ="password" maxlength ="30"/>
                    </td>
                </tr>
                <tr>
                    <td>
                        Confirm Password:
                    </td>
                    <td>
                        <input type ="password" name ="confirm_password" maxlength ="30"/>
                    </td>
                </tr>
                <tr>
                    <td>
                        <input type ="submit" name ="submit" value ="submit" id="toDisable" />
                    </td>
                </tr>
            </table>
    </body>
    <script type="text/javascript">
        function timeMsg() //called automatically when the page is opened
        {
            setTimeout("alertMsg()",1800000); //1800000 = 30 min
        }
        function alertMsg()
        {
            document.getElementById("toDisable").disabled = true;
            alert('Please re-open the page from the link provided in the mail');
        }

    </script>
</html>